Message-Id: <200210271048.g9RAm0h0057615@www.freebsd.org>
Date: Sun, 27 Oct 2002 02:48:00 -0800 (PST)
From: Hideki Sakamoto
To: freebsd-gnats-submit@FreeBSD.org
Subject: bin/44518: ftpd does not show OPIE OTP challenge

>Number:         44518
>Category:       bin
>Synopsis:       ftpd does not show OPIE OTP challenge
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Oct 27 02:50:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator:     Hideki Sakamoto
>Release:        FreeBSD 4.7-RELEASE-p1
>Organization:
>Environment:
FreeBSD xxxxx 4.7-RELEASE-p1 FreeBSD 4.7-RELEASE-p1 #1: Fri Oct 25 16:54:58 JST 2002 sakamoto@xxxxx:/usr/obj /usr/src/sys/XXXXX i386

>Description:
Ftpd can authenticate a user with the OPIE PAM module (pam_opie) when it's
enabled in /etc/pam.conf. But the client program cannot calculate the OTP
because ftpd doesn't show the challenge to the client in the session.

>How-To-Repeat:
 1. Set a user's password for the OPIE authentication system.
      % opiepasswd -c
 2. Try FTP with telnet.
    * % telnet localhost ftp
      Trying ::1...
      telnet: connect to address ::1: Connection refused
      Trying 127.0.0.1...
      Connected to localhost.
      Escape character is '^]'.
      220 xxxxxx.hlla.is.tsukuba.ac.jp FTP server (Version 6.00LS) ready.
    * user sakamoto
      331 Password required for sakamoto.
      ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
      Ftpd should have shown the OTP challenge at this time.

Nevertheless, authentication will succeed if a user knows the correct OTP
and puts it with the "pass" command.

S/Key authentication (pam_skey) has the same problem, but it's OK because
ftpd has a native S/Key authentication mechanism and it shows the challenge
at the end of the "user" command handler.

>Fix:
I have no good idea.
A dirty solution is: show the OPIE challenge at the end of the "user"
command handler, like S/Key.

>Release-Note:
>Audit-Trail:
>Unformatted:
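
The check described in the report, as an added example that is not part of the original message or of ftpd: it inspects the server's reply to "user" and reports whether it carries an RFC 2289 challenge ("otp-<algorithm> <sequence> <seed>") that a client could compute a response from. The function names and the two replies marked as constructed are assumptions; only the first reply is taken from the report.

```python
import re

# RFC 2289 challenge: "otp-<algorithm> <sequence> <seed>", seed = 1-16
# alphanumerics, terminated by whitespace (or end of reply).
CHALLENGE_RE = re.compile(
    r"\botp-(md4|md5|sha1)\s+(\d+)\s+([A-Za-z0-9]{1,16})(?=\s|$)")

# Reply to "user sakamoto" exactly as quoted in the report.
REPORTED = ["331 Password required for sakamoto."]
# Constructed samples (wording is an assumption, not captured from ftpd).
WITH_CHALLENGE = ["331 Response to otp-md5 498 ab1234 ext required for sakamoto."]
MULTILINE = ["331-otp-sha1 12 Seed99", "331 Password required for sakamoto."]


def reply_text(lines):
    """Collapse one FTP reply (single- or multi-line) into (code, text)."""
    code = lines[0][:3]
    if len(code) != 3 or not code.isdigit():
        raise ValueError("not an FTP reply: %r" % lines[0])
    parts = []
    for line in lines:
        # Strip the "NNN " / "NNN-" prefix; keep unprefixed continuation lines.
        prefixed = line.startswith(code) and line[3:4] in (" ", "-", "")
        parts.append((line[4:] if prefixed else line).strip())
    return int(code), " ".join(parts)


def find_challenge(lines):
    """Return the OTP challenge carried by a 331 reply, or None if absent."""
    code, text = reply_text(lines)
    if code != 331:
        return None
    m = CHALLENGE_RE.search(text)
    if m is None:
        return None
    # RFC 2289 seeds are case-insensitive; normalise to lower case.
    return {"algorithm": m.group(1), "sequence": int(m.group(2)),
            "seed": m.group(3).lower()}


if __name__ == "__main__":
    for name, reply in [("reported", REPORTED), ("with challenge", WITH_CHALLENGE),
                        ("multi-line", MULTILINE)]:
        print(name, "->", find_challenge(reply))
```

A None result for a 331 reply on an account that has OPIE enabled is the condition this report describes.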